Review: Vista, XP Users Equally At Peril To Viruses, Exploits

Pages

Vista provides an extra layer of protection for users when they go to Web sites with self-signed certificates. Users had to click on a red link to access those sites. XP produced a single pop-up warning message.

Engineers did not use phishing techniques to test security, but it's worth noting that IE 7's phishing filter failed to connect several times to Microsoft's security site to identify fraudulent Web sites.

Compared: Vista Vs. XP SecurityRating: 1-5 stars (5=best, 1=worst)

MALWARE

VISTA

XP

Spyware/Adware

Obfuscated Code Exploits

Dangerous ActiveX Objects

RDS Exploits*

Script Exploits

Image Exploits

VML Exploits

Trojans

Viruses

Malformed Web Pages

Known Malicious URLs

* With or without code obfuscation.

Source: CRN Test Center

Moreover, many of the bots introduced by various malware kept trying to access remote hacking sites. Vista didn't stop this activity.

THE BOTTOM LINE

Based on the Test Center's findings, businesses that migrate their Windows PCs from XP to Vista will get a slightly more secure OS. But as the Finjan reports showed, Vista's security remains wafer thin.

In the end, both the Vista and the XP test notebooks were almost equally damaged by viruses, trojans and other malware. And because most of the Web sites in the test were able to exploit Vista's weaknesses, Internet users are just about equally vulnerable with both OSes.

VARs can still cite improved security as a selling point for Vista upgrades. Yet to avoid giving customers a false sense of safety, solution providers should stress that third-party security suites also will be needed to provide systems with ample protection.